CVE-2008-4552

Publication date 14 October 2008

Last updated 24 July 2024

Ubuntu priority

The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
nfs-utils	8.10 intrepid	Fixed 1:1.1.2-4ubuntu1.1
	8.04 LTS hardy	Fixed 1:1.1.2-2ubuntu2.2
	7.10 gutsy	Fixed 1:1.1.1~git-20070709-3ubuntu1.1
	6.06 LTS dapper	Fixed 1:1.0.7-3ubuntu2.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-687-1
nfs-utils vulnerability
4 December 2008

Other references

https://www.cve.org/CVERecord?id=CVE-2008-4552